Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [higgins-dev] Digital Identity and IContext open() method
So by 'provider' I was just referring to the extension that implements the Namespace extension point...simply a provider for creating ID instances of arbitrary type.
I understand. I'm just claiming that IdAS should not have to provide code to create the tokens needed to authenticate to Contexts. It's the consumer's responsibility for creating this token, and it's the Context's responsibility to tell the user what it needs (via the policy). If the consumer uses a Namespace ID extension, that's fine -- but that's code that lives on his side of the interface, not ours. (I'm hoping someone else will jump in a agree or disagree with me on this.)
I have to admit I'm still a little confused by the current use of the term 'provider' WRT the Higgins model. Given the recent discussions it's not at all clear to me what the sequence of operations is for creating/using an IContext with a real use case. Could someone point me to example and/or junit test code that uses the API in current expected/proscribed manner? 



Let me give it a try:
(1) Consumer of IdAS service (aka User) needs to get a particular Attribute value for a particular DigitalSubject, and he has the URI of a Context that is likely to provide the required value.
(2) User contacts IdAS service and finds a ContextFactory that can handle this URI. 

(3) User asks the ContextFactory to create an IContext.
(4) User queries the Context's policy (IContext.getPolicy) to determine what credentials are needed to open it.
(5) User calls IContext.open to authenticate to the Context and gain access to its data.
(6) User searches for DigitalSubject (IContext.getSubjects) and retrieves desired Attribute value (IDigitalSubject.getAttribute). 

(7) User calls IContext.close to terminate use of the Context.

Back to the top